Conference Paper
Privacy by BlockChain Design: A BlockChain-enabled GDPR-compliant Approach for Handling Personal Data
Fulltext URI
Document type
Text/Conference Paper
Additional Information
Date
2018
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
European Society for Socially Embedded Technologies (EUSSET)
Abstract
This paper takes an initial step forward in bringing to life
the certification mechanisms according to Art. 42 of the
General Data Protection Regulation (GDPR). These newly
established methods of legal specification act not only as
a central vehicle for overcoming widely articulated and
discussed legal challenges, but also as a sandbox for the
much needed close collaboration between computer sciences
and legal studies. In order to illustrate, for example,
what data protection seals could look like in the future,
the authors propose a methodology for "translating"
legal requirements into technical guidelines: architectural
blueprints designed using legal requirements. The purpose
of these blueprints is to show developers how their solutions
might comply with the principle of Privacy by Design
(Art. 25 GDPR). To demonstrate this methodology, the authors
propose an architectural blueprint that embodies the
legal concept of the data subject’s consent (Art. 6 sec. 1
lit. a GDPR) and elevates best practice to a high standard
of Privacy by Design. Finally, the authors highlight further
legal problems concerning blockchain technology under the
GDPR that will have to be addressed in order to achieve
a comprehensive certification mechanism for Privacy by
Blockchain Design in the future.